summaryrefslogtreecommitdiff
path: root/src/validators/tcp-flag
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2022-01-14 20:30:56 +0100
committerGitHub <noreply@github.com>2022-01-14 20:30:56 +0100
commit9aa8e51de06bda0099231f2567dbb83e430faee4 (patch)
tree1eecd3caba390e300450af400bffee90ed137887 /src/validators/tcp-flag
parent97472739b4432cdbf8f73275ab00876add071692 (diff)
parentdf5a862beb84145dfc8434efde7d7fee783199cf (diff)
downloadvyos-1x-9aa8e51de06bda0099231f2567dbb83e430faee4.tar.gz
vyos-1x-9aa8e51de06bda0099231f2567dbb83e430faee4.zip
Merge pull request #1167 from sarthurdev/firewall
firewall: T4178: Use lowercase for TCP flags and add an validator
Diffstat (limited to 'src/validators/tcp-flag')
-rwxr-xr-xsrc/validators/tcp-flag19
1 files changed, 19 insertions, 0 deletions
diff --git a/src/validators/tcp-flag b/src/validators/tcp-flag
new file mode 100755
index 000000000..86ebec189
--- /dev/null
+++ b/src/validators/tcp-flag
@@ -0,0 +1,19 @@
+#!/usr/bin/python3
+
+import sys
+import re
+
+if __name__ == '__main__':
+ if len(sys.argv)>1:
+ flags = sys.argv[1].split(",")
+
+ for flag in flags:
+ if flag and flag[0] == '!':
+ flag = flag[1:]
+ if flag.lower() not in ['syn', 'ack', 'rst', 'fin', 'urg', 'psh']:
+ print(f'Error: {flag} is not a valid TCP flag')
+ sys.exit(1)
+ else:
+ sys.exit(2)
+
+ sys.exit(0)